From dc3aded9516ff19fcf486b322b39c87880d7e075 Mon Sep 17 00:00:00 2001 From: badra001 Date: Wed, 17 Mar 2021 08:16:00 -0400 Subject: [PATCH] update docs; add more code to move-to-production --- ses-domain/README.md | 15 +++++---- ses-domain/bin/move-to-production.sh | 50 ++++++++++++++++++++++++++++ ses-domain/main.tf | 13 ++++---- 3 files changed, 65 insertions(+), 13 deletions(-) create mode 100644 ses-domain/bin/move-to-production.sh diff --git a/ses-domain/README.md b/ses-domain/README.md index 2530a2c..12649bd 100644 --- a/ses-domain/README.md +++ b/ses-domain/README.md @@ -2,9 +2,10 @@ This sets up the domain identity for SES. We create by default `{account_id}.aws.mail.census.gov` as a sender domain, and generate the details which are to be submitted to TCO for inclusion in DNS. -The contents of the file `setup/ses_dns.md` contain the text which goes to TCO. A future enhancement +The contents of the file `${path.root}/setup/ses_dns.md` contain the text which goes to TCO. A future enhancement to this will include the ability to automatically incorporate the changes into DNS. This is a multi-step -setup: +setup: + 1. Create initial resources 1. Provide TCO Details for DNS Update 1. Complete domain validation @@ -39,11 +40,11 @@ This can be used without any variables to get the default configuration. module "ses" { source = "git@github.e.it.census.gov:terraform-modules/aws-inf-setup.git//ses-domain" - ## optional - # ses_domain_name = "somerandomdomain.aws.mail.census.gov" + ## optional, changing this is not recommended + # ses_domain_name = "123456789012.postal.census.gov" ## while these can be changed, it is not advised - ses_base_domain_name = "aws.mail.census.gov" - ses_base_dkim_domain_name = "dkim.amazonses.com" + # ses_base_domain_name = "aws.mail.census.gov" + # ses_base_dkim_domain_name = "dkim.amazonses.com" } ``` ## Create initial resources @@ -53,7 +54,7 @@ module "ses" { ## Provide TCO DNS details -See and exmaple [ses\_dns.md](example.ses\_dns.md). This file will be in `setup/ses_dns.md`. Submit this to TCO to get the records added to DNS. +See and example [ses\_dns.md](example.ses\_dns.md). This file will be in `setup/ses_dns.md`. Submit this to TCO to get the records added to DNS. ## After DNS is updated Once DNS has been updated, you can run `tf-apply` on the resource again. It will look for a non-empty value diff --git a/ses-domain/bin/move-to-production.sh b/ses-domain/bin/move-to-production.sh new file mode 100644 index 0000000..bdcd410 --- /dev/null +++ b/ses-domain/bin/move-to-production.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +# https://docs.aws.amazon.com/ses/latest/DeveloperGuide/request-production-access.html + +AWS=$(which aws 2>/dev/null) +if [ -z $AWS ] +then + echo "* aws CLI missing" + exit 1 +fi +$AWS sesv2 help >/dev/null 2>&1 +status=$? +if [ $status != 0 ] +then + echo "* aws sesv2 CLI missing" + exit 1 +fi + +if [ -z $SES_USE_CASE_DESCRIPTION ] +then + SES_USE_CASE_DESCRIPTION="Used for alerting and notification from lambda and other applications to users within our own enterprise mail system" +fi + +if [ -z $SES_ADDITIONAL_CONTACT_EMAIL ] +then + SES_ADDITIONAL_CONTACT_EMAIL="donald.e.badrak.ii@census.gov,roy.d.ashley.jr@census.gov" +fi + +$AWS sesv2 put-account-details \ +--production-access-enabled \ +--mail-type TRANSACTIONAL \ +--use-case-description "$SES_USE_CASE_DESCRIPTION" \ +--additional-contact-email-addresses "$SES_ADDITINAL_CONTACT_EMAIL" \ +--contact-language EN +status=$? + +if [ $status != 0 ] +then + echo "* error requesting production access for SES" +fi +exit $status + +# unused options +# --website-url https://example.com +# +# env variables: +# AWS_DEFAULT_REGION +# AWS_PROFILE +# SES_ADDITIONAL_CONTACT_EMAIL +# SES_USE_CASE_DESCRIPTION diff --git a/ses-domain/main.tf b/ses-domain/main.tf index 74c3be0..f566a72 100644 --- a/ses-domain/main.tf +++ b/ses-domain/main.tf @@ -3,9 +3,10 @@ * * This sets up the domain identity for SES. We create by default `{account_id}.aws.mail.census.gov` * as a sender domain, and generate the details which are to be submitted to TCO for inclusion in DNS. -* The contents of the file `setup/ses_dns.md` contain the text which goes to TCO. A future enhancement +* The contents of the file `${path.root}/setup/ses_dns.md` contain the text which goes to TCO. A future enhancement * to this will include the ability to automatically incorporate the changes into DNS. This is a multi-step * setup: +* * 1. Create initial resources * 1. Provide TCO Details for DNS Update * 1. Complete domain validation @@ -40,11 +41,11 @@ * module "ses" { * source = "git@github.e.it.census.gov:terraform-modules/aws-inf-setup.git//ses-domain" * -* ## optional -* # ses_domain_name = "somerandomdomain.aws.mail.census.gov" +* ## optional, changing this is not recommended +* # ses_domain_name = "123456789012.postal.census.gov" * ## while these can be changed, it is not advised -* ses_base_domain_name = "aws.mail.census.gov" -* ses_base_dkim_domain_name = "dkim.amazonses.com" +* # ses_base_domain_name = "aws.mail.census.gov" +* # ses_base_dkim_domain_name = "dkim.amazonses.com" * } * ``` * ## Create initial resources @@ -54,7 +55,7 @@ * * ## Provide TCO DNS details * -* See and exmaple [ses_dns.md](example.ses_dns.md). This file will be in `setup/ses_dns.md`. Submit this to TCO to get the records added to DNS. +* See and example [ses_dns.md](example.ses_dns.md). This file will be in `setup/ses_dns.md`. Submit this to TCO to get the records added to DNS. * * ## After DNS is updated * Once DNS has been updated, you can run `tf-apply` on the resource again. It will look for a non-empty value